CVE-2009-3365

2009-09-2416:00:00

mitre

www.cve.org

7.5 High

AI Score

Confidence

High

0.011 Low

EPSS

Percentile

84.3%

JSON

PHP remote file inclusion vulnerability in add-ons/modules/sysmanager/plugins/install.plugin.php in Aurora CMS 1.0.2 allows remote attackers to execute arbitrary PHP code via a URL in the AURORA_MODULES_FOLDER parameter.

References

www.exploit-db.com/exploits/9656